Collaborative UK Cyber Security Policing Model Panel Discussion

The U.K. Collaborative Cyber Security Policing Model panel discussion was hosted by Nat Schooler and Tyler Cohen Wood, CISSP, and we had the privilege to speak with Peter Goodman – National Police Lead for Serious and Organised Crime at the National Police Chiefs’ Council (retiring from the police this Friday, 31/07/2020).

Mandy Haeburn-Little CEO of Business Resilience International Management.

Andy Gould – Detective Superintendent, National Cybercrime Programme, National Police Chiefs’ Council.

Phillip Donnelly – From the NPCC Cyber Crime Program.

Everyone shared such value! This episode cannot be missed!

This interview contains some innovations that will not only set apart the UK Cyber Security Policing from the rest of the world but once implemented this strategy will make the world a better place.

If your company is interested in sponsoring our next video interview(s) we have a series in the making, please reach out to Nathaniel Schooler on info@influentialvisions.com

These are just some of the questions that were answered and if you would like to read the transcript it is below with all timestamps removed for ease of reading.

Peter, you have been responsible for the introduction of the National Cyber Program within Policing, what do you see as being the main benefits to come from that?

Peter, you were the Chief Constable responsible for the introduction of cyber performance indicators within Policing, why was that an important step for the UK?

What changes have you seen to how the world of cybercrime as Policing in the last 3 to 4 years?

How has COVID affected the UK’s cyber security?

Do you think businesses need to take extra measures while many people are working remotely?

What lessons have we learned thus far in terms of online security due to COVID pandemic?

Give us an overall view of the Cyber Resilience Centres (CRC Network)—what agencies are involved, what makes them unique and how are they the best way to protect the UK’s cyber critical infrastructure and business?

How do you see the Cyber Resilience Centres CRC network evolving and what role will this play for Policing?

How can the private sector get involved in the CRC network?

You all have a great deal of experience in law enforcement and crime prevention. What are 3 things businesses and individuals can do right now to protect themselves and their assets from cyber threats?

Peter, do you have any reflections as you leave your post?

I would like to say thank you to all who attended this discussion and for their service.

Check out the Cyber Alarm Police site here: https://cyberalarm.police.uk/

Check out the Brim initiative here: https://www.brimcentre.com/

One of the watchwords that I’ve had right from the start and shared with Andy is, if we forget about Mrs Miggins of 1 Acacia Avenue then we’ve failed in our task in protecting the public, because a lot of attention gets focused on the attacks on businesses and enterprise.

But actually, it is Mrs Miggins losing her 32000 life savings through a cyber-attack, who’s actually really at the sharp end of all of this! So, it’s been my pleasure and privilege to lead this team during the course of the last 8 years.

And we’ve moved from a situation where there were only about 130 people working in cybercrime and all of them in London a fantastic woman! But here we are on our way

Who are investigators and who are intelligence officers?

Who are protecting, working to protect businesses and individuals from harm, stopping people going into cybercrime.

We’ve got capability in the dark web, we’ve got capability around cryptocurrency, we’ve changed the whole of the policing approach to this.

Hopefully all that change has meant that Mrs Miggins of 1 Acacia Avenue is safer than she was 8 years ago!

Super!

Peter, I’m going to ask you this again.

So you were the Chief Constable responsible for the introduction of cyber performance indicators within policing.

Why was that an important step for the UK?

It was an important step because it meant that we could quantify what we were doing and it meant that we could assess the risk as well, and let me give you a really good example of why it was necessary, if we slip over into the world of counterterrorism.

Counterterrorism in the UK has had a lot of investment during the course of the last 20 years, obviously because of the international situation.

A big part of that was the ability of the intelligence agencies to say you know what Government: –

“There are at least 2000 people out there who are actively plotting a terrorist act here or abroad and there are about 10000 who we also think are interested in becoming involved in that.”

And this is the capacity we’ve got. So they’re able to demonstrate very clearly the very real threat to the UK.

And the ability of policing and the broader security services to respond to it and that led Government into the inevitable position where I had to invest, not just the atrocities that because of the very clear intelligence picture and performance picture, that they were producing. So we’ve tried very much to copy that in cyber, because nobody anywhere quite knows the full extent of cyber. I think we all know the vectors of attack, we know it’s big, we know it’s cost billions, but we don’t actually completely know what it is.

But we are able to demonstrate the performance regime.

That it really is that big and look at what our people are doing!

Look at what we’ve delivered to make the UK safer.

But actually, there needs to be continued investment, because without that we aren’t protecting our communities in the way that we should.

So it was about us understanding what we were doing but also being able to have a proper intelligent dialogue with government about investment.

Thank you. That is such a great answer.

I’m going to go to Andy next.

Andy, how has Covid affected the UK’s cyber security?

And do you think businesses need to take extra measures while many people are working remotely?

Sorry, this is a three-part question. And what lessons have we learnt thus far in terms of online security?

That is a really good question, I think what we’ve seen is kind of Covid was unexpected but if we’d actually considered the impact of a pandemic and how we might respond to it in the cyber world it would probably have played out largely how we predicted.

So there’s a sudden rush, so there was a mad rush to get the hardware, the infrastructure. I think it would probably be fair to say that maybe everyone knew the security would be important, but businesses weren’t going to stop doing business while they sorted the security out!

So you suddenly got a position where everyone’s on their home router, all the vulnerabilities we know come from that.

Basically all the end points are no longer owned by the organisations themselves, delegating responsibility for securing the most important business to a junior staff at home who have no understanding of the capability to manage it.

Businesses to their credit have done a brilliant job in managing that crisis and getting through that storm.

Quite incredibly. But I think there’s been a big rush; they have jerry-built all these networks and this infrastructure.

We’ve heard a number of people describe it as going from having a handful of offices to it being that at home. And the vulnerabilities that come from that are quite obvious, so you’ve got the kind of accessing into networks, the access controls, the infrastructure itself all the things that you would expect to come from that are there but people are having to kind of rush at scale to plug those gaps and of course that is complicated by the kind of the teams that would normally be in the office to protect the corporate are now at home or maybe they are furloughed or maybe they are sick so suddenly the ability to deal with that crisis for months or even years to come.

We saw a significant spike in reporting of cyber crime. But the increase in reporting was domestic reporting. It was members of the public.

Identifying they had a problem and reporting that crime. Maybe that was because there was a spike. I suspect they may well have been, a lot of that was using Covid as a lure. But actually, because they have more time on their hands. The product of the other, but what we didn’t see an increase in was business reporting.

The big worry I think for us is. As businesses more and more come back to work, staff get back into office. They start to drill into the systems in a way that they haven’t been able to do at home, are we going to find a whole load of unidentified nastiness and you would kind of expect that to be the case?

As that has been created. And the reduced level of protection, you would expect there to be a real spike in damage. That hasn’t come through in terms of reporting yet.

So, are we sat on this kind of ticking malware time bomb?